
Multiple nodes connected over PPP: letting nodes/users/clients reach and ping each other

程序员文章站 2022-04-09 17:40:52
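"Multiple nodes connected over PPP: letting nodes/users/clients reach and ping each other". Reposts must credit the source: "link to this article", from "osnosn's blog", written 2019 04 14. There are three client machines, A, B and C, connected to the server via PPP virtual dial-up. Search for "ppp over ssh" "VPN PPP SSH Mini HOWT ......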


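There are three client machines, a, b and c, connected to the server via PPP virtual dial-up.

Each of a, b and c can reach the server, but a, b and c cannot reach or ping one another, even when their PPP IPs are all configured in the same subnet.

After repeated testing the problem was solved: a, b and c can now ping and reach one another.
The key configuration points are: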

  • server: (enable kernel IP forwarding and open an iptables forwarding rule)
    • sysctl -w net.ipv4.ip_forward=1
    • iptables -A FORWARD -s 192.168.33.0/24 -d 192.168.33.0/24 -j ACCEPT
  • client: (every client needs a route to 192.168.33.0/24 added)
#!/bin/sh -e

# debian: copy this file to "/etc/ppp/ip-up.d/" , and chmod +x file.
# centos: append these lines to "/etc/ppp/ip-up.d/ip-up.local" , and chmod +x ip-up.local
# openwrt: append these lines to "/etc/ppp/ip-up" , and chmod +x ip-up

# ppp_iface="$1", ppp_local="$4", ppp_remote="$5"
if [ "$5" = "192.168.33.2" ]; then
    /sbin/ip route add 192.168.33.0/24 via $5 dev $1
fi
exit 0

----End----



Below are backups of a few scripts.

# server
visudo:
     vpn     ALL=(root)      NOPASSWD: /usr/sbin/pppd

vpn-shell

#!/bin/sh
# vpn-shell , server

#echo "$*" >> /home/vpn/log

if [ -z "$*" ];then
   echo 'login succeed.'
   exit 0
fi

a="`expr "$*" : '-c /usr/bin/sudo /usr/sbin/pppd '`"
b="`expr "$*" : '-c /usr/sbin/ppp -direct '`"
g="`expr "$*" : '-c sudo /usr/sbin/pppd '`"
h="`expr "$*" : '-c /usr/sbin/pppd '`"

if [ "$a" = "32" -o "$b" = "25" -o "$g" = "23" -o "$h" = "18" ] ;then
   a="`expr "$*" : '-c \(.*\)'`"
#   eval "$a"
   exec $a
#   echo "$a"
fi

exit 0
logout

vpn-pppssh.sh

#!/bin/sh
# vpn-pppssh.sh , client

#### check hostkey in file ".ssh/known_hosts"  #####

link_name=my-ppp-vpn
link_peer_name=my-ppp-vpn
server_hostname=6.6.6.6
server_username=vpn
server_ifipaddr=192.168.33.1   #fix ip
client_ifipaddr=192.168.33.7
local_ssh_opts=""   # extra ssh options; a bare "-p" here would take the hostname as the port
PATH=/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin/X11/
pppd=/usr/sbin/pppd
ssh=/usr/bin/ssh
if ! test -f $pppd  ; then echo "can't find $pppd";  exit 3; fi
if ! test -f $ssh   ; then echo "can't find $ssh";   exit 4; fi
case "$1" in
  start)
    # echo -n "starting vpn to $server_hostname: "
    ${pppd} ipparam ${link_name} updetach noauth passive pty "${ssh} ${local_ssh_opts} ${server_hostname} -t -l${server_username} -p 443 -o batchmode=yes /usr/bin/sudo ${pppd} nodetach noauth ipparam ${link_peer_name} idle 3700" ${client_ifipaddr}:${server_ifipaddr} nodefaultroute idle 1800 connect-delay 8000
    # echo "connected."
    ;;
  stop)
        # echo -n "stopping vpn to $server_hostname: "
        pid=`ps ax | grep "${pppd} ipparam ${link_name} updetach noauth passive" | grep -v 'grep ' | awk '{print $1}'`
        if [ "${pid}" != "" ]; then
          kill $pid
          echo "disconnected."
        else
          echo "failed to find pid for the connection"
        fi
    ;;
  config)
    echo "link_name=$link_name"
    echo "link_peer_name=$link_peer_name"
    echo "server_hostname=$server_hostname"
    echo "server_username=$server_username"
    echo "server_ifipaddr=$server_ifipaddr"
    echo "client_ifipaddr=$client_ifipaddr"
  ;;
  *)
    echo "usage: vpn-pppssh {start|stop|config}"
    exit 1
    ;;
esac
exit 0
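
The prefix test in vpn-shell above checks only how the request begins, so everything after the pppd path reaches exec unexamined. As an added example (not from the original post), this POSIX sh function accepts only the option set that vpn-pppssh.sh sends; the name check_pppd_request and the sample requests are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: a strict check for the
# command string that sshd hands to vpn-shell ("-c <command>").
PPPD=/usr/sbin/pppd   # pppd path used in the post

# check_pppd_request "<request>": print the vetted pppd command line and
# return 0, or return 1 if the request contains anything unexpected.
check_pppd_request() (
    set -f              # no filename expansion while splitting
    set -- $1           # split the request on whitespace
    # Accept only the pppd invocation forms that vpn-shell recognises.
    case "$1 $2 $3" in
        "-c /usr/bin/sudo $PPPD"|"-c sudo $PPPD") shift 3 ;;
        "-c $PPPD "*) shift 2 ;;
        *) return 1 ;;
    esac
    out=$PPPD
    # Every remaining token must be an option that vpn-pppssh.sh sends.
    while [ $# -gt 0 ]; do
        case "$1" in
            nodetach|noauth)
                out="$out $1"; shift ;;
            ipparam)    # link name: letters, digits, "_" and "-" only
                case "$2" in ""|*[!A-Za-z0-9_-]*) return 1 ;; esac
                out="$out ipparam $2"; shift 2 ;;
            idle)       # idle timeout: decimal seconds
                case "$2" in ""|*[!0-9]*) return 1 ;; esac
                out="$out idle $2"; shift 2 ;;
            *)  return 1 ;;
        esac
    done
    printf '%s\n' "$out"
)

# Constructed sample requests; the first is what vpn-pppssh.sh sends.
for req in \
    "-c /usr/bin/sudo $PPPD nodetach noauth ipparam my-ppp-vpn idle 3700" \
    "-c /usr/bin/sudo $PPPD nodetach noauth unlisted-option value"
do
    if cmd=$(check_pppd_request "$req"); then
        echo "accept: $cmd"
    else
        echo "reject: $req"
    fi
done
```

A wrapper built on this would run sudo with the printed command line only when the function returns 0, and exit otherwise.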
